Mass invisible bloodless cyber-attacks on our country’s institutions and organisations cripple our economy, industry, governance and national security. These attacks can be secretive, more often lethal and more severe than any military operation(s), which are more visible in physical deaths, bloodshed and destruction. These global and lower-scale attacks are becoming everyday occurrences like accidents, wars, fires, unauthorised access and excessively employed for sabotage, subversion and espionage through cyber warfare means of unlimited reach. This ‘white chair borne terrorism’ covers a broad spectrum of cyber-crimes encompassing Aeronautics, Airports, Banks, Defence, DRDO, Education, Hospitals, Hotels, Mints, Nuclear Energy, Oil, Power, Ports, Prasar Bharti (AIR & Doordarshan Kendras) Railways, Refineries, Space, Ship Building, Telecom & various vital Research Centres & Laboratories; in fact in every sphere of human activity. The FICN (Fake Indian Currency Notes) is being pumped by Pakistan in collaboration with China and other inimical forces to derail our economy, causing Economic Disaster to ruin and devastate our country without crossing LOC/IB and firing a bullet. Shockingly, often the FICN entering via Pakistan and some south Asian countries are so well designed that the original currency looks pale inferior.
Our adversaries, Pakistan and China, have realised that bullying India along IB/LOC/LAC will only work in tandem with Cyber Warfare co-opted seriously against India in conflict resolution to their choice and likings.
The recent cyber-attack on all the servers of the All India Institute of Medical Sciences (AIIMS), Delhi, was allegedly launched by China from Hanan province and Hong Kong, but the person, organisation and exact location have not been identified. Even if these are identified, then the possibility of using proxy or virtual servers by attackers does not exist. The Intelligence Fusion and Strategic Operations (IFSO), a cyber-terrorism unit of the Delhi Police, on 25 Nov 2022, registered a case of extortion and cyber terrorism. Multiple agencies, including The National Intelligence Agency (NIA), National Forensic Science University (NFSU), Delhi Cybercrime Special cell, Central Bureau of Investigation (CBI), and Computer Emergency Response Team for India (CERT-IN), the country’s leading cyber security agency, launched their own investigations. CBI followed it up with International Police (INTERPOL). The Minister of State for IT, Rajeev Chandrasekhar, had said that ransomware attack whereby the systems and files of AIIMS computer system were encrypted and rendered unusable. Also, the sensitive data reaches adversaries’ hands as electronic espionage and sabotage. While the backup data may have been used to get back to near normalcy, vast data on the country’s health and medical system has been compromised. The physical security- the aspects I deal with and information technology (IT) security on the internet and intranet has been compromised, and the hospital did not have appropriate standard operating procedures (SOPs), or they were not followed and perhaps did not have cyber experts to prevent cyber-attacks. Only the quick and appropriate IT experts-led independent enquiry would bring the pitfalls in the AIIMS cyber security suggesting immediate remedial measures to ward off such attacks. It also must be ensured that all other sensitive organisations and institutions, as proactive measures, learn from the cyber-attack vulnerabilities from the AIIMS IT system and adopt appropriate SOPs on cyber security. Just imagine hacking by our adversaries, our armed forces, space, nuclear, aviation or RBI and stock exchange for jeopardising our economy and national security.
Every day, thousands of personal computers, laptops, local area networks (LANs), metropolitan area networks (MANs) and wide area networks (WAN) are hacked, and users may not be aware of cyber invasion.
The Massive Black Outs in India
On July 30 and 31, 2012, huge blackouts deprived 670 million Indians of electricity for two days. Grids that supply electricity to half of India’s 1.2 billion people caved in for two days, leaving roads clogged, coal miners trapped underground, hospitals in the dark, and millions of train passengers stranded. The blackout was the worst to hit India and embarrassed the government, which has failed to build enough power capacity to meet soaring demand. During the afternoon rush, just 40 per cent of the power was restored, and the streets were congested with commuters attempting to get home. By midnight, power was restored in the humid capital, New Delhi, and most of the north, but a top official reported that just a third of the rural state of Uttar Pradesh, home to more people than Brazil, had been restored.
Hundreds of millions of people in India were left without electricity for two days during one of the world’s deadliest blackouts, which trapped miners, stranded train passengers, and plunged hospitals into darkness as systems fell twice in two days. The cuts in such a vast area of the world’s second-most populous nation seemed to be among the largest in history and wounded Indians’ pride as the country strives to become a global powerhouse.
After government offices closed early in the decaying coastal metropolis of 5 million people, Kolkata’s train stations were flooded, and vehicles clogged the streets. Some large city hospitals lost electricity, and office buildings were forced to activate diesel generators.
The Metro services came to a grinding halt, and many commuters were struck by 300 trains halting between the stations with air-conditioning stopped. Some passengers panicked as power-controlled automatic doors could not be opened. By mid-evening, services had been restored on the New Delhi Metro System. Two hundred miners were stranded in three deep coal shafts in West Bengal when their electric elevators stopped working.
India was forced to buy extra power from the tiny neighbouring kingdom of Bhutan to help it recover from a blackout that hit more than 300 million people. Indians took to social networking sites to ridicule the United Progressive Alliance (UPA) government, partly for promoting Shinde despite the power cuts.
What was the reason?
Power Minister Sushil Kumar Shinde blamed the system collapse on some states drawing more than their share of electricity from the over-burdened grid, but Uttar Pradesh’s (UP) top civil servant for energy said outdated transmission lines were at fault. The economic growth of Asia’s third-largest economy is hindered by a peak-hour power shortage of approximately 10 per cent.
What was the reason for the Massive Power blackout in India? Was UP at the heart of the power crisis that plunged 600 million people across the country into darkness? Even as the central government and experts poured over the possible reasons, power officials in the state denied any blame. But as an expert on Industrial Security, I needed no help to rule out the cyber sabotage angle.
Was it sabotage?
There is a cyber war between Iran and a few other countries. The Chinese are known for officially hacking sensitive sites the world over. Pakistan, North Korea and many countries worldwide are indulging in bloodless hidden cyber war against their adversaries. It all started two years back with Stuxnet, considered the most sophisticated computer virus ever and virtually the world’s first weapon of mass destruction. It is like a laser-guided missile, and comparing it with an older virus like the Trojan horse and Time Bomb seems like comparing a nuclear bomb with a crude bomb. Cyber experts point a finger towards the US and Israel for developing this malicious program to sabotage Iran’s nuclear installations.
According to IT specialists, numerous variants of Stuxnet, such as Duqu and Flame, are difficult to control, because not all of them are under the creators’ control. Two years ago, the Computer Emergency response Team for India (CERT-IN) issued a warning against these infections, but by that time, more than 80,000 machines in India had already been infected. Giving India the dubious distinction of being the third most infected country with this virus, our nation has suffered unfathomable losses, and numerous hackers are attempting to seize control of these assets.
While an inquiry is underway to determine the origin of the world’s largest blackout, it cannot be ruled out that the Chinese and Pakistani nexus is secretly harming India’s economy and reputation. Cyberwarfare is comparable to chemical and biological warfare because it is not geographically constrained. Our key infrastructure, such as power, oil, nuclear facilities, and defence, may be targeted en masse and at will. The US Defense Advanced Project Agency (DARPA), which contributed to the internet’s development, cannot combat hackers. The “Shadows” investigators and the “Dark Visitor” blog, which investigates Chinese hacking activities, have concluded that these stem from Chengdu University of Electronic Science and Technology, which has unleashed a global cyber war.
Therefore, the SCADA (Supervisory Control and Data Acquisition), also called Industrial Control Systems (ICS), can be hacked easily to put a country like India adversely in the world’s eyes as a soft state and downgrade its economy. We need to develop countermeasures, and our experts know what these are, and the government’s will should not be lacking to implement them; notwithstanding with all hostilities across our borders from eastern Ladakh to Taiwan, the Indian Ocean and cyberbullying, there is record surge in imports from China crossed $100 billion reaching an all-time high of nearly $116 billion this year. Though the global interdependency of every country is the norm now, we must realise that when one’s adversary cannot resolve conflicts within the ambit of military strategy, the adversary resorts to deadly ‘bloodless hidden cyber Warfare’ to destroy the rival.